Chinese Hotlinking?

[cd34]

Depending on your directory structure:

Create a directory of files that are hotlinkable universally and put

RewriteEngine off

in the .htaccess in that directory

Then, you can protect your main site with rewrite rules:

Code:

RewriteEngine on
# leave this line in allow empty referrers, remove to disallow empty referrers
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)*yourdomain\.com(:[0-9]+)?(/.*)?$ [NC]
RewriteRule .*\.(asf|mpg|mpeg|wmv|avi|rm|gif|jpeg|jpg|zip)$ - [NC,F,L]

replace yourdomain with your domain name.

Blocking domains in your .htaccess like

deny from *.chinesesitename.com

won't do what you need -- and will only slow down page requests because each IP address that hits your site would need to do a reverse lookup. I don't know if that is what you've done, or, if you are putting in mod_rewrite rules to specifically block domains.

You could also do the reverse and do something like:

Code:

RewriteEngine on
RewriteCond %{HTTP_REFERER} (domain1\.com|domain2\.com|domain3\.com) [NC]
RewriteRule .* - [F]

which would be a block based on the incoming referrer.

My suggestion would really be to disallow hotlinking except for domains that you want to allow hotlinking for which prevents this sort of thing from happening in the future, and, stops the immediate problem without you having to search through logs or referrers to figure out who is hotlinking.

If you want to allow multiple sites to hotlink, you can put lines like:

Code:

RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)*yourdomain\.com(:[0-9]+)?(/.*)?$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)*yourseconddomain\.com(:[0-9]+)?(/.*)?$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)*yourotherdomain\.com(:[0-9]+)?(/.*)?$ [NC]

You can consolidate that a bit, but, I think that makes the rules a bit confusing to troubleshoot later on.